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-- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )^ Responsive to communication(s) filed on 19 November 2007 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

. 3)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 1-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) . is/are allowed. 

6) 13 Claim(s) 1-21 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) E3 The drawing(s) filed on 31 March 2004 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) ^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
aM AN b)D Some * c)D None of: 

1. E3 Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-21 have been examined. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

i 

3. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over MasRibes 
European Patent Application EP1 132796 (hereinafter MR) in view of Wildish et al U.S. Pub. 
No. 20030212888 (hereinafter Wildish). 

4. As per claim 1 and 10-12, MR discloses a communication device comprising: an 
executing unit to execute software (MR: [00 19]); a memory configured to store permission data, 
the permission data indicating permissible behavior for an application, the application being a 
group of functions provided by execution of the software (MR: [0020]: RRL certificate); a 
checking unit configured to check, before the software is executed, whether the permission data 
are valid; and an execution control unit configured to permit the executing unit to execute the 
software when, on the basis of a result of the check carried out by the checking unit, the 
permission data are determined to be valid, and for not permitting said executing unit to execute 
the software when, on the basis of the result of the check executed by said checking unit, the 
permission data are determined to be invalid (MR: [0021]: check if the certificate is still valid). 
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MR does not explicitly disclose accessing an external device to verify whether the permission 
data is still valid. However, Wildish discloses checking Certificate Revocation List periodically 
to determine whether the certificate has been revoked prior to expiration time indicated in the 
certificate (Wildish: [0010]). It would have been obvious to one having ordinary skill in the art to 
verify the status of the permission data prior to execution of the software by checking with 
certificate distribution center because it provides certificate revocation list as well known in the 
art. Therefore, it would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to combine the teachings of Wildish within the system of MR because it 
validates the certificate prior to the expiration. 

5. As per claim 2, MR as modified discloses the device of claim 1 . MR as modified further 
discloses a determining unit configured to determine whether it is necessary to carry out the 
check by the checking unit, the checking unit either carrying out or not carrying out the check on 
the basis of a determination made by the determining unit (Wildish: [0046]). 

6. As per claim 3, MR as modified discloses the device of claim 2. MR as modified further 
discloses wherein, said determining unit comprises: a counting unit configured to count a number 
of executions of the software; and a frequency data memory configured to store frequency data 
indicating how frequently it is necessary to carry out the check; and wherein, said determining 
unit determines, on the basis of a number of executions of the software, as counted by said 
counting means, and on the basis of the frequency data stored in said frequency data storing 
means, whether it is necessary to carry out a check by said checking means (Wildish: [0046]). It 
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would have been an obvious matter of design choice to establish the frequency of the certificate 
verification process. 

7. As per claim 4, MR as modified discloses the device of claim 2. MR as modified further 
discloses wherein, said determining means comprises: a timer means for providing time data 
indicating a present time; and a time interval data storing means for storing time interval data 
indicating a time interval at which it is necessary to carry out the check; and wherein, said 
determining means calculates, on the basis of time data provided by said timer, a time period 
between a present time and a time recorded at a most recent execution of the software, and 
determines whether it is necessary to carry out the check by said checking means on the basis of 
the calculated time period and the time interval data stored in said time interval data storing 
means (Wildish: [0046]). Same rationale applies here as above in rejecting claim 3. 

8. As per claim 5, MR as modified discloses the device of claim 1 . MR as modified further 
discloses wherein: said communication device further comprises count data storing means for 
storing count data indicating a count of times that the software is allowed to be executed in a 
condition that said checking means is unable to make the check; and said execution control 
means permits said executing means to execute the software in a condition that said checking 
means is unable to make the check up to a number of times which is indicated by the count data 
stored in said count data storing means (Wildish: [0010]; [0046]). Same rationale applies here as 
above in rejecting claim 3. 
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9. As per claim 6, MR as modified discloses the device of claim 1 . MR as modified further 
discloses an updating means for obtaining update data from said external device, and updating 
the permission data stored in said permission data storing means on the basis of the update data 
(MR: [0010]: update on the status of the certificate). 

1 0. As per claim 7, MR as modified discloses the device of claim 6. MR as modified further 
discloses wherein: said updating means transmits, to said external device, update timing data 
indicating a timing of a most recent update of the permission data stored in said permission data 
storing means, when said checking means makes the check; receives update data transmitted 
from said external device in response to the transmission of the update timing data; and updates 
the permission data stored in said permission data storing means on the basis of the update data 
(Wildish: [0046]). Same rationale applies here as above in rejecting claim 3. 

11. As per claim 8, MR as modified discloses the device of claim 1 . MR as modified further 
discloses a terminating means for instructing said executing means to terminate execution of the 
software when the application attempts to conduct behavior which the application is not 
permitted to conduct (MR: [0028]: execute only when the certificate is valid). 

12. As per claim 9, MR as modified discloses the device of claim 1 . MR as modified further 
discloses wherein: the permission data contain information on usage of at least one of an internal 
hardware resource of said communication device, an external hardware resource of said 
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communication device, a software resource and a communication network resource (MR: [0019]: 
RRL). 

13. As per claim 13, MR as modified discloses a device according to claim 1 . MR as 
modified further discloses wherein the application comprises a Java application (MR: [0030]: 
Java Programs); and wherein the permission data comprises a scope of rights which are granted 
to the Java application (MR: [0021] lines 7-11: the validity period indicate the period which is 
rights are granted to the application). 

14. As per claim 14-18, MR as modified discloses the device according to claim 1. MR as 
modified further discloses wherein the permission data indicates that the application is allowed 
to access required information (MR: [0021] lines 7-11: the validity period of the certificate 
determines whether the resources are accessible according the period specified). 

15. As per claim 19-21, MR as modified discloses the method according to claim 10. MR as 
modified further discloses wherein the permission data indicates that the application is allowed 
to access required information (MR: [0021] lines 7-11: the validity period of the certificate 
determines whether the resources are accessible according the period specified). 

Response to A rguments 

16. Applicant's arguments filed 1 1/19/07 have been fully considered but they are not 
persuasive. 
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Regarding applicant's remarks, applicant argues that the RRL is the data stating required 
resources, not permission data. However, the examiner has indicated that the. permission data is 
the RRL certificate and the certificate is used for security reasons (MR: [0020] line 4: security 
reason). In the RRL certificate, the certificate indicates a validity period, which is used to 
determine validity of the certificate and determine whether the mobile code can still be executed 
(MR: [0021] lines 7-11). Therefore, applicant has misinterpreted the RRL to-be permission data 
while the examiner indicated that the RRL certificate, with the validity period, to be the 
permission data used for security purposes. 

Conclusion 

17. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Skibbie et al. U.S. Pat. No. 6910128 discloses a method for processing a signed applet by 
verifying the certificates associated with JAR files. 

Lin et al. U.S. Pat. No. 6766353 discloses method for authenticating a java archive for 
portable devices that includes developer's certificate to be validated. 

Hope et al. U.S. Pub. No. 20030079125 discloses method for electronic certificate 
revocation. 

Heddings et al. U.S. Pat. No. 6993665 discloses applet permissions manager. 
Shrader et al. U.S. Pat. No. 6526513 discloses architecture for dynamic permissions in 

Java. 
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1 8. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Shin-Hon Chen 
Examiner 
Art Unit 2131 
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